Findings for SCA, High, [TheRedHatter/javagoof:todolist-core/pom.xml]:SQL Injection
Created by: armorcodegithubpreprod[bot]
Findings for SCA, High, [TheRedHatter/javagoof:todolist-core/pom.xml]:SQL Injection
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[,5.4.24.Final)
- Vulnerable Path: >null
Overview
org.hibernate:hibernate-core is a library providing Object/Relational Mapping (ORM) support to applications, libraries, and frameworks.
Affected versions of this package are vulnerable to SQL Injection. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
References
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[,5.3.18.Final),[5.4.0.Final, 5.4.18.Final)
- Vulnerable Path: >null
Overview
org.hibernate:hibernate-core is a library providing Object/Relational Mapping (ORM) support to applications, libraries, and frameworks.
Affected versions of this package are vulnerable to SQL Injection. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.
References
Snyk Project Status: Active